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DETAILED ACTION 



1. This office action is in response to the claims filed on 11/25/2003. 



2. 



Claims 1-24 are pending. 



3. 



Claims 1-24 are rejected. 



Claim Rejections - 35 USC § 103 



4. Claim s 1 -5, 7-11,1 3-1 7 and 1 9-23 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Lee (US Patent 7047561 B1 ) in view of Inoue et al. (US Patent 
6167513). 

In regards to claim 1 , Lee shows in figure 5 a packet processing method to using 
a firewall in association with real-time Internet applications. After layer 3 and layer 4 
processing is carried out at step 515, at step 520 the packet is split into TCP and UDP 
data. The process of figure 5 is carried out according to the functions of the network 
layers in figure 2, where layers 7 through 3 implement packet filter policy (establishing a 
policy manager). 

Subsequently in steps 550 and 555, packet filtering is applied (examining the 
packet according to at least one filter in the policy manager). 

If at step 555, a packet is allowed to pass through, at subsequent steps 560 and 
565, TCP and IP headers are respectively added (informing a driver whether to modify 
the packet) 

In further regards to claim 1 , Lee fails to teach, the filtering policies being applied 
on a mobile node. Inoue teaches the above-mentioned limitation in figure 3 where a 
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mobile IP network is shown with gateways 4a-4c and a mobile node 2. The gateways, 
carryout filtering according to prescribe security policies for the mobile node (see 
column 11, lines 19-23). 

Therefore, it would have been obvious to one skilled in the art at the time the 
invention was made to incorporate the firewall processing method taught by Lee into a 
security policy implement by the gateways in the mobile IP network disclosed by Inoue. 
The motivation to do so would be to provide security for real time applications that use 
mobile IP. 

In regards to claim 2, Lee shows in steps 565 an IP header added to a packet. 

In regards to claim 3, Lee in combinations with Inoue teaches all the limitations of 
parent claims 1 and 2. Lee fails to show new source and destination addresses being 
added to an IP header. Inoue however shows in figure 7, an inner IP header being 
added with a new source and destination addresses. 

Therefore, it would have been obvious to one skilled in the art at the time the 
invention was made to incorporate the firewall processing method taught by Lee into a 
security policy implement by the gateways in the mobile IP network disclosed by Inoue. 
The motivation to do so would be to provide security for real time applications that use 
mobile IP. 

In regards to claims 4 and 5, Lee shows in step 520, the data being split into TCP 
and UDP data and in steps 550 and 560, UDP packet filtering policy is applied. 
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In regards to claim 7, Lee shows in figure 5 a packet processing method to using 
a firewall in association with real-time Internet applications. After layer 3 and layer 4 
processing is carried out at step 515, at step 520 the packet is split into TCP and UDP 
data. The process of figure 5 is carried out according to the functions of the network 
layers in figure 2, where layers 7 through 3 implement packet filter policy (establishing a 
policy manager). 

Subsequently in steps 550 and 555, packet filtering is applied (examining the 
packet according to at least one filter in the policy manager). 

If at step 555, a packet is allowed to pass through, at subsequent steps 560 and 
565, TCP and IP headers are respectively added (informing a driver whether to modify 
the packet) 

In further regards to claim 7, Lee fails to teach, the filtering policies being applied 
on a mobile node. Inoue teaches the above-mentioned limitation in figure 3 where a 
mobile IP network is shown with gateways 4a-4c and a mobile node 2. The gateways, 
carryout filtering according to prescribe security policies for the mobile node (see 
column 11, lines 19-23). 

Therefore, it would have been obvious to one skilled in the art at the time the 
invention was made to incorporate the firewall processing method taught by Lee into a 
security policy implement by the gateways in the mobile IP network disclosed by Inoue. 
The motivation to do so would be to provide security for real time applications that use 
mobile IP. 

In regards to claim 8, Lee shows in steps 565 an IP header added to a packet. 
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In regards to claim 9, Lee in combinations with Inoue teaches all the limitations of 
parent claims 7 and 8. Lee fails to show new source and destination addresses being 
added to an IP header. Inoue however shows in figure 7, an inner IP header being 
added with a new source and destination addresses. 

Therefore, it would have been obvious to one skilled in the art at the time the 
invention was made to incorporate the firewall processing method taught by Lee into a 
security policy implement by the gateways in the mobile IP network disclosed by Inoue. 
The motivation to do so would be to provide security for real time applications that use 
mobile IP. 

In regards to claims 10 and 11, Lee shows in step 520, the data being split into 
TCP and UDP data and in steps 550 and 560, UDP packet filtering policy is applied. 

In regards to claim 13, Lee shows in figure 5 a packet processing method to 
using a firewall in association with real-time Internet applications. After layer 3 and 
layer 4 processing is carried out at step 515, at step 520 the packet is split into TCP and 
UDP data. The process of figure 5 is carried out according to the functions of the 
network layers in figure 2, where layers 7 through 3 implement packet filter policy (a 
policy manager including at least one filter). 

Subsequently in steps 550 and 555, packet filtering is applied. If at step 555, a 
packet is allowed to pass through, at subsequent steps 560 and 565, TCP and IP 
headers are respectively added (a driver receiving instructions from policy manger to 
modify the packet) 
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In further regards to claim 13, Lee fails to teach, the filtering policies being 
applied on a mobile node. Inoue teaches the above-mentioned limitation in figure 3 
where a mobile IP network is shown with gateways 4a-4c and a mobile node 2. The 
gateways, carryout filtering according to prescribe security policies for the mobile node 
(see column 11, lines 19-23). 

Therefore, it would have been obvious to one skilled in the art at the time the 
invention was made to incorporate the firewall processing method taught by Lee into a 
security policy implement by the gateways in the mobile IP network disclosed by Inoue. 
The motivation to do so would be to provide security for real time applications that use 
mobile IP. 

In regards to claim 14, Lee shows in steps 565 an IP header added to a packet. 

In regards to claim 15, Lee in combinations with Inoue teaches all the limitations 
of parent claims 14 and 15. Lee fails to show new source and destination addresses 
being added to an IP header. Inoue however shows in figure 7, an inner IP header 
being added with a new source and destination addresses. 

Therefore, it would have been obvious to one skilled in the art at the time the 
invention was made to incorporate the firewall processing method taught by Lee into a 
security policy implement by the gateways in the mobile IP network disclosed by Inoue. 
The motivation to do so would be to provide security for real time applications that use 
mobile IP. 

In regards to claims 16 and 17, Lee shows in step 520, the data being split into 
TCP and UDP data and in steps 550 and 560, UDP packet filtering policy is applied. 
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In regards to claim 19, Lee shows in figure 5 a packet processing method to 
using a firewall in association with real-time Internet applications. After layer 3 and 
layer 4 processing is carried out at step 515, at step 520 the packet is split into TCP and 
UDP data. The process of figure 5 is carried out according to the functions of the 
network layers in figure 2, where layers 7 through 3 implement packet filter policy. 
Subsequently in steps 550 and 555, packet filtering is applied (accessing at least one 
filter and examining the packet according to at least one filter in the policy manager). 

If at step 555, a packet is allowed to pass through, at subsequent steps 560 and 
565, TCP and IP headers are respectively added (modifying the packet according to the 
filter). 

In further regards to claim 19, Lee fails to teach, the filtering policies being 
applied on a mobile node. Inoue teaches the above-mentioned limitation in figure 3 
where a mobile IP network is shown with gateways 4a-4c and a mobile node 2. The 
gateways, carryout filtering according to prescribe security policies for the mobile node 
(see column 11, lines 19-23). 

Therefore, it would have been obvious to one skilled in the art at the time the 
invention was made to incorporate the firewall processing method taught by Lee into a 
security policy implement by the gateways in the mobile IP network disclosed by Inoue. 
The motivation to do so would be to provide security for real time applications that use 
mobile IP. 

In regards to claim 20, Lee shows in steps 565 an IP header added to a packet. 
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In regards to claim 21 , Lee in combinations with Inoue teaches all the limitations 
of parent claims 19 and 20. Lee fails to show new source and destination addresses 
being added to an IP header. Inoue however shows in figure 7, an inner IP header 
being added with a new source and destination addresses. 

Therefore, it would have been obvious to one skilled in the art at the time the 
invention was made to incorporate the firewall processing method taught by Lee into a 
security policy implement by the gateways in the mobile IP network disclosed by Inoue. 
The motivation to do so would be to provide security for real time applications that use 
mobile IP. 

In regards to claims 22 and 23, Lee shows in step 520, the data being split into 
TCP and UDP data and in steps 550 and 560, UDP packet filtering policy is applied. 

5. Claims 6, 12, 18 and 24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Lee (US Patent 7047561 B1) and Inoue et al. (US Patent 6167513) 
as applied to claims 1-5, 7-1 1 , 13-17 and 19-23 above, and further in view of Donahue 
(US Patent 7149219 B2). 

In regards to claims 6, 12, 28 and 24, Lee in combination with Inoue teaches all 
the limitations of parent claims 1, 7, 13 and 19. Neither Lee nor Inoue teach however, a 
filtering process determining an original destination IP address for a packet. Donahue 
teaches the above-mentioned limitation. 

Donahue teaches a content filtering server that determines the destination IP 
address of a packet (see column 4, lines 27-30). 
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Therefore, it would have been obvious for one skilled in the art at the time the 
invention was made to incorporate the examination of the destination address as taught 
by Donahue with the firewall processing method taught by Lee into a security policy 
implement by the gateways in the mobile IP network disclosed by Inoue. The 
motivation to do so would be to provide security for real time applications that use 
mobile IP. 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jay P. Patel whose telephone number is (571) 272- 
3086. The examiner can normally be reached on M-F 9:00 am - 5:00 p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Hassan Kizou can be reached on (571) 272-3088. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Jay P. Patel 
Examiner 
Art Unit 2616 
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